Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

After using adwcleaner my Pc won't go on the Internet


  • Please log in to reply
10 replies to this topic

#1 Beebum1980

Beebum1980

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:18 AM

Posted 01 March 2015 - 03:26 PM

hi all , Alan here or beebum1980 , new to this website and forum. Got a problem with my internet after using adwcleaner. I've read some pages off the net and tried but can't seem to get anywhere. Read that I could go to run then ckd and type in netsh windsock reset and that would help and did for others but in my run it wants me to run as administrator but I'm already that so unsure what to do now. Any help would be much appreciated.
Thanks
Alan


Edited by hamluis, 01 March 2015 - 04:58 PM.
Moved from Win 7 to AV/AM Software - Hamluis.


BC AdBot (Login to Remove)

 


#2 karagarga

karagarga

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 04:30 PM

I can try to help. What browser are you using ? Have you rebooted yet ? Is there anything wrong with the pc ?


Edited by karagarga, 01 March 2015 - 04:30 PM.


#3 JohnC_21

JohnC_21

  • Members
  • 24,849 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 04:46 PM

In order to run the winsock reset type CMD in the Search Box. Right click CMD and select Run As Administrator. At the command prompt type

 netsh winsock reset

If successful it will state "Successfully reset the Winsock Catalog" then reboot the computer.



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 07:37 PM

Hi Beebum1980 :)

Is it possible for you to also attach the logs in C:\AdwCleaner\Logs so we can see what was deleted that could had caused this issue? If the command above doesn't solve your issue, we could try to see what "broke" your connectivity and repair it another way.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Beebum1980

Beebum1980
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:18 AM

Posted 01 March 2015 - 07:44 PM

Thanks JohnC_21 that's my internet back and working. I was opening the run application and typing in cmd from there and that's why it wouldn't work. What did adwcleaner delete in order for my internet to stop working?

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 07:50 PM

If you read my post above yours and post the logs, we might be able to tell you what was broken for it to happen :)

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 Beebum1980

Beebum1980
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:18 AM

Posted 01 March 2015 - 07:59 PM

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 22:45:35
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Beebum - BEEBUM-PC
# Running from : C:\Users\Beebum\Downloads\adwcleaner_4.111.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : netfilter
Service Found : SecureAssist
Service Found : SProtection
Service Found : winzipersvc
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\v9.xml
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Found : C:\Users\Beebum\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\videoresumer@jetpack.xpi
File Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\searchplugins\avg-secure-search.xml
File Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\searchplugins\yahoo_ff.xml
File Found : C:\Windows\system32\drivers\netfilter.sys
File Found : C:\Windows\system32\roboot.exe
File Found : C:\Windows\system32\SecureAssist.dll
File Found : C:\Windows\system32\SecureAssist.ini
File Found : C:\Windows\system32\SecureAssistOff.ini
Folder Found : C:\Program Files\003
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\AVG Security Toolbar
Folder Found : C:\Program Files\Bench
Folder Found : C:\Program Files\Browser Champion
Folder Found : C:\Program Files\Common Files\Umbrella
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Iminent
Folder Found : C:\Program Files\SearchProtect
Folder Found : C:\Program Files\suprasavings
Folder Found : C:\Program Files\SupraSavings
Folder Found : C:\Program Files\ver0Safer-Surf
Folder Found : C:\Program Files\WinZipper
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found : C:\Users\Beebum\AppData\Local\BenchUpdater
Folder Found : C:\Users\Beebum\AppData\Local\Browser Champion
Folder Found : C:\Users\Beebum\AppData\Local\globalUpdate
Folder Found : C:\Users\Beebum\AppData\Local\SearchProtect
Folder Found : C:\Users\Beebum\AppData\Local\Temp\Iminent
Folder Found : C:\Users\Beebum\AppData\Local\Temp\mt_ffx
Folder Found : C:\Users\Beebum\AppData\Local\Temp\Yula
Folder Found : C:\Users\Beebum\AppData\Roaming\337Games
Folder Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\{5709EAA3-B7BB-C64D-CD88-62DB4590AE1D}
Folder Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\detgdp@gmail.com
Folder Found : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\faststartff@gmail.com
Folder Found : C:\Users\Beebum\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Beebum\AppData\Roaming\Search Protection
Folder Found : C:\Users\Beebum\AppData\Roaming\Systweak
Folder Found : C:\Users\Beebum\AppData\Roaming\WinZipper
 
***** [ Scheduled tasks ] *****
 
Task Found : ASP
Task Found : bench-sys
Task Found : bench-S-1-5-21-988988758-202770163-3203251179-1000
Task Found : bench-sys
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://www.istart123.com/?type=sc&ts=1422879881&from=wpm0202&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istart123.com/?type=sc&ts=1422879881&from=wpm0202&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Rr Savings
Key Found : HKCU\Software\AppDataLow\Software\Search Protection
Key Found : HKCU\Software\AppDataLow\Software\Supra Savings
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\IminentToolbar
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\Proxy
Key Found : HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\AdvertisingSupport
Key Found : HKLM\SOFTWARE\Bench
Key Found : HKLM\SOFTWARE\Browser Champion
Key Found : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{76A60138-58B3-4E27-85FB-8FEF344A8998}
Key Found : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Key Found : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\DF720937002023F49ACAE8048560C5A1
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\DF720937002023F49ACAE8048560C5A1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.bench.nmhost
Key Found : HKLM\SOFTWARE\hdcode
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\istart123Software
Key Found : HKLM\SOFTWARE\LevelQualityWatcher
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15D811D6-979A-4DA0-9B21-A6E02AEABAEF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\013AC89AE8CD1D45889FDECE68DF5C58
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13FCB74451B14F755A9489A45D48059A
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3A8D788750C70AA57A73B2319DF554AE
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\592A2C0FFC3C7855AA30F38A3C25B7DA
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A426544C5826DA5292547521114EC1F
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CC5ECDC1EDBB7615D81C34F1B6A68589
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D35F7D2F9958FA155AE7953C4A2EE959
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB01B45D33D99A85CB09D2FCEABE5EAC
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF720937002023F49ACAE8048560C5A1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739027FD-0200-4F32-A9AC-8E4058065C1A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739027FD-0200-4F32-A9AC-8E4058065C1A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\SOFTWARE\Proxy
Key Found : HKLM\SOFTWARE\Rr Savings
Key Found : HKLM\SOFTWARE\Supra Savings
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\TornTv Downloader
Key Found : HKLM\SOFTWARE\Umbrella
Key Found : HKLM\SOFTWARE\V9
Key Found : HKLM\SOFTWARE\V9Software
Key Found : HKLM\SOFTWARE\winzipersvc
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Communicator Watcher]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Settings Cleaner]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [detgdp@gmail.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDc3Q3t57J8enJeDBogjzOqBRTXb-cGRjxmEfbAr5Jmn353_-q0A6s02mVYXpehnODbJTCrMf55ThLnh5FVbHNE8HiZh21Ft7gZyyCP8JIQzy-Iwjlpoz8UJhgLmZqXbjDSpBnWDvqxcX5gTx9Wa4dG6mNDLrhNR09HxArmYT62klsXZQ,,&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.v9.com/web/?type=ds&ts=1417997437&from=ild&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007&i=psd&t=34d313ce4&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istart123.com/?type=hp&ts=1422879881&from=wpm0202&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istart123.com/?type=hp&ts=1422879881&from=wpm0202&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.v9.com/web/?type=ds&ts=1417997437&from=ild&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F170200702007&i=psd&t=34d313ce4&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDc3Q3t57J8enJeDBogjzOqBRTXb-cGRjxmEfbAr5Jmn353_-q0A6s02mVYXpehnODbJTCrMf55ThLnh5FVbHNE8HiZh21Ft7gZyyCP8JIQzy-Iwjlpoz8UJhgLmZqXbjDSpBnWDvqxcX5gTx9Wa4dG6mNDLrhNR09HxArmYT62klsXZQ,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDc3Q3t57J8enJeDBogjzOqBRTXb-cGRjxmEfbAr5Jmn353_-q0A6s02mVYXpehnODbJTCrMf55ThLnh5FVbHNE8HiZh21Ft7gZyyCP8JIQzy-Iwjlpoz8UJhgLmZqXbjDSpBnWDvqxcX5gTx9Wa4dG6mNDLrhNR09HxArmYT62klsXZQ,,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDc3Q3t57J8enJeDBogjzOqBRTXb-cGRjxmEfbAr5Jmn353_-q0A6s02mVYXpehnODbJTCrMf55ThLnh5FVbHNE8HiZh21Ft7gZyyCP8JIQzy-Iwjlpoz8UJhgLmZqXbjDSpBnWDvqxcX5gTx9Wa4dG6mNDLrhNR09HxArmYT62klsXZQ,,&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDc3Q3t57J8enJeDBogjzOqBRTXb-cGRjxmEfbAr5Jmn353_-q0A6s02mVYXpehnODbJTCrMf55ThLnh5FVbHNE8HiZh21Ft7gZyyCP8JIQzy-Iwjlpoz8UJhgLmZqXbjDSpBnWDvqxcX5gTx9Wa4dG6mNDLrhNQG021-352P_0WnYA2Q,,&q={searchTerms}
 
-\\ Mozilla Firefox v34.0.5 (x86 en-GB)
 
[nmwzb75u.default] - Line Found : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[nmwzb75u.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://search.iminent.com/?appId=8EB90853-D008-405B-B210-190B4C12AA00");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.admin", false);
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.aflt", "orgnl");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.autoRvrt", "false");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.dfltLng", "");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.excTlbr", false);
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.ffxUnstlRst", false);
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.id", "beae5a670000000000006c626d4a7aac");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.instlDay", "16206");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.instlRef", "");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.newTab", false);
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.prdct", "iminent");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.prtnrId", "iminent");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.rvrt", "false");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.smplGrp", "none");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.vrsn", "1.8.28.3");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.vrsnTs", "1.8.28.315:43:54");
[nmwzb75u.default] - Line Found : user_pref("extensions.iminent.vrsni", "1.8.28.3");
[nmwzb75u.default] - Line Found : user_pref("extensions.quick_start.enable_search1", false);
[nmwzb75u.default] - Line Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[nmwzb75u.default] - Line Found : user_pref("iminent.LayoutId", "1");
[nmwzb75u.default] - Line Found : user_pref("iminent.ShowThankyouPixel", "0");
[nmwzb75u.default] - Line Found : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0.3525896593964883,\"s\":0,\"es\":1}");
[nmwzb75u.default] - Line Found : user_pref("iminent.adapters", "{\"www.avg.com\":{\"CountryCode\":\"GB\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"1400254[...]
[nmwzb75u.default] - Line Found : user_pref("iminent.enableToolbar", "true");
[nmwzb75u.default] - Line Found : user_pref("iminent.enabledAds", "obsolete");
[nmwzb75u.default] - Line Found : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.imitinjs.info/imitin/javascript.js\",\"querySt[...]
[nmwzb75u.default] - Line Found : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrDCtsKywrHCtsK4wrPCucK3\",\"raw_pkgid\":\"173079286\"}");
[nmwzb75u.default] - Line Found : user_pref("iminent.externalScripts.iRobinHood.irobsettings2", "[{\"ALERT_MESSAGES\":1,\"Analytics_code\":\"\",\"APPROVE_STRIP_COLOR\":\"4BBA42    \",\"CHARITY_URL\":\"hxxp://iminent.donation-tools.org[...]
[nmwzb75u.default] - Line Found : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrDCtsKywrHCtsK4wrPCucK3");
[nmwzb75u.default] - Line Found : user_pref("iminent.newtabredirect", "true");
[nmwzb75u.default] - Line Found : user_pref("iminent.nomsi", "true");
[nmwzb75u.default] - Line Found : user_pref("iminent.registerToolbarEvent100", "1408561577258");
[nmwzb75u.default] - Line Found : user_pref("iminent.registerToolbarEvent102", "1414150492088");
[nmwzb75u.default] - Line Found : user_pref("iminent.registerToolbarEvent140", "1407900900719");
[nmwzb75u.default] - Line Found : user_pref("iminent.searchindex", "2");
[nmwzb75u.default] - Line Found : user_pref("iminent.trackExternalScripts1", "1400254467045");
[nmwzb75u.default] - Line Found : user_pref("iminent.trackExternalScripts2", "1400254467129");
[nmwzb75u.default] - Line Found : user_pref("iminent.trackExternalScripts3", "1400254467195");
[nmwzb75u.default] - Line Found : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
[nmwzb75u.default] - Line Found : user_pref("iminent.version", "8.31.1.1");
[nmwzb75u.default] - Line Found : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.31.1.1\",\"InstallEventCTime\":1408641776325,\"InstallEvent\":\"True\"}");
 
-\\ Google Chrome v
 
 
-\\ Opera v27.0.1689.76
 
*************************
 
AdwCleaner[R0].txt - [20225 bytes] - [27/02/2015 22:45:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20285 bytes] ##########

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 23:15:21
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Beebum - BEEBUM-PC
# Running from : C:\Users\Beebum\Downloads\adwcleaner_4.111.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : netfilter
[#] Service Deleted : SecureAssist
Service Deleted : SProtection
Service Deleted : winzipersvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\Bench
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\SupraSavings
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Browser Champion
Folder Deleted : C:\Program Files\ver0Safer-Surf
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\Users\Beebum\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\Beebum\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\Beebum\AppData\Local\Temp\Yula
Folder Deleted : C:\Users\Beebum\AppData\Local\BenchUpdater
Folder Deleted : C:\Users\Beebum\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Beebum\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Beebum\AppData\Local\Browser Champion
Folder Deleted : C:\Users\Beebum\AppData\Roaming\337Games
Folder Deleted : C:\Users\Beebum\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Beebum\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Beebum\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Beebum\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\{5709EAA3-B7BB-C64D-CD88-62DB4590AE1D}
Folder Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\detgdp@gmail.com
File Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\Extensions\videoresumer@jetpack.xpi
File Deleted : C:\END
File Deleted : C:\Windows\system32\drivers\netfilter.sys
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Windows\system32\SecureAssist.dll
File Deleted : C:\Windows\system32\SecureAssist.ini
File Deleted : C:\Windows\system32\SecureAssistOff.ini
File Deleted : C:\Users\Beebum\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\v9.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Deleted : C:\Users\Beebum\AppData\Roaming\Mozilla\Firefox\Profiles\nmwzb75u.default\searchplugins\yahoo_ff.xml
 
***** [ Scheduled tasks ] *****
 
Task Deleted : ASP
Task Deleted : bench-sys
Task Deleted : bench-S-1-5-21-988988758-202770163-3203251179-1000
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Beebum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Beebum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Beebum\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [detgdp@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.bench.nmhost
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Communicator Watcher]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Settings Cleaner]
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{76A60138-58B3-4E27-85FB-8FEF344A8998}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15D811D6-979A-4DA0-9B21-A6E02AEABAEF}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\IminentToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Proxy
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Rr Savings
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
Key Deleted : HKLM\SOFTWARE\Bench
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\istart123Software
Key Deleted : HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : HKLM\SOFTWARE\Proxy
Key Deleted : HKLM\SOFTWARE\Rr Savings
Key Deleted : HKLM\SOFTWARE\Supra Savings
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\V9Software
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\Browser Champion
Key Deleted : HKLM\SOFTWARE\TornTv Downloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739027FD-0200-4F32-A9AC-8E4058065C1A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\013AC89AE8CD1D45889FDECE68DF5C58
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13FCB74451B14F755A9489A45D48059A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3A8D788750C70AA57A73B2319DF554AE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\592A2C0FFC3C7855AA30F38A3C25B7DA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A426544C5826DA5292547521114EC1F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CC5ECDC1EDBB7615D81C34F1B6A68589
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D35F7D2F9958FA155AE7953C4A2EE959
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB01B45D33D99A85CB09D2FCEABE5EAC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF720937002023F49ACAE8048560C5A1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\DF720937002023F49ACAE8048560C5A1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\DF720937002023F49ACAE8048560C5A1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v34.0.5 (x86 en-GB)
 
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.iminent.com/?appId=8EB90853-D008-405B-B210-190B4C12AA00");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.admin", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.aflt", "orgnl");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.autoRvrt", "false");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.dfltLng", "");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.excTlbr", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.ffxUnstlRst", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.id", "beae5a670000000000006c626d4a7aac");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.instlDay", "16206");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.instlRef", "");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.newTab", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.prdct", "iminent");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.prtnrId", "iminent");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.rvrt", "false");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.smplGrp", "none");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsn", "1.8.28.3");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsnTs", "1.8.28.315:43:54");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsni", "1.8.28.3");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.LayoutId", "1");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0.3525896593964883,\"s\":0,\"es\":1}");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.adapters", "{\"www.avg.com\":{\"CountryCode\":\"GB\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"1400254[...]
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.enableToolbar", "true");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.enabledAds", "obsolete");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.imitinjs.info/imitin/javascript.js\",\"querySt[...]
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrDCtsKywrHCtsK4wrPCucK3\",\"raw_pkgid\":\"173079286\"}");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.externalScripts.iRobinHood.irobsettings2", "[{\"ALERT_MESSAGES\":1,\"Analytics_code\":\"\",\"APPROVE_STRIP_COLOR\":\"4BBA42    \",\"CHARITY_URL\":\"hxxp://iminent.donation-tools.org[...]
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrDCtsKywrHCtsK4wrPCucK3");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.newtabredirect", "true");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.nomsi", "true");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.registerToolbarEvent100", "1408561577258");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.registerToolbarEvent102", "1414150492088");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.registerToolbarEvent140", "1407900900719");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.searchindex", "2");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.trackExternalScripts1", "1400254467045");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.trackExternalScripts2", "1400254467129");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.trackExternalScripts3", "1400254467195");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.version", "8.31.1.1");
[nmwzb75u.default\prefs.js] - Line Deleted : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.31.1.1\",\"InstallEventCTime\":1408641776325,\"InstallEvent\":\"True\"}");
 
-\\ Google Chrome v
 
 
-\\ Opera v27.0.1689.76
 
 
*************************
 
AdwCleaner[R0].txt - [20365 bytes] - [27/02/2015 22:45:35]
AdwCleaner[S0].txt - [19165 bytes] - [27/02/2015 23:15:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19225  bytes] ##########

thats the 2 i got Aura



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 08:02 PM

I can see that a lot of connection settings were affected by the fix, which might have broke your winsocks entries, but there's no "explicit" signs of this. Also, a lot of things were fixed by AdwCleaner, it wouldn't surprise me if there was remnants. I would get checked by a helper here on BleepingComputer to make sure that nothing's left. In order to do that, you have to post a thread in the Virus, Trojan, Spyware, and Malware Removal Logs section. You have to follow the instructions in the preparation guide prior to posting your thread, since it contains the steps to follow when posting it.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Beebum1980

Beebum1980
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:18 AM

Posted 01 March 2015 - 08:12 PM

Thanks again Aura I'll contact bleeping computer tomorrow after I've read everything then will post my thread.
Thanks
Alan

#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 01 March 2015 - 08:14 PM

No problem Alan, good luck with the clean-up procedure :)

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:18 AM

Posted 02 March 2015 - 05:52 AM


After doing that, please reply back in this thread with a link to the new topic so we can close this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users